An archive timestamp is applied to a PDF after a signature or document timestamp has been applied, to prove that no tampering has occurred since then.
When a new archive timestamp is added to a PDF with a signature or document timestamp, it proves that there are no issues with the latest information confirmed online.
The reliability of the PDF, thus proven, is guaranteed for the validity period of the added archive timestamp.
By repeating this process regularly, the period during which the reliability of the PDF is guaranteed is effectively extended, making it possible to achieve long-term storage and long-term assurance of the PDF.
The following signatures and timestamps can have an archive timestamp added to them using this product.
However, all of them require that the signature or timestamp to be targeted is within its validity period.
TimeStamp |
|
---|---|
Signature |
|
An archive timestamp needs to be applied within the validity period of the certificate used for the signature or timestamp. Ideally, it should be after the certificate revocation list (CRL: Certificate Revocation List) has been updated by the certificate authority after the signature or timestamp has been applied.
The optimal frequency for adding an archive timestamp needs to be determined by the user as appropriate.
If it is a very important document, you can continue to prove that there has been no tampering with the PDF for a long period of time by regularly applying an archive timestamp. On the other hand, for documents that are not so important or that finish their role in a short period of time, there is no need to update the archive timestamp frequently.
Please consider based on the importance of the document and how long its reliability needs to be maintained.
In the case of a signature, the next action and its deadline required for long-term assurance can be confirmed in the [Verification] > [Verify] > [Property of signature] > [PAdES] tab.
If you have applied a signature or timestamp to a PDF for the purpose of long-term storage and long-term assurance, you need to add an archive timestamp.
CAdES signatures (hereafter, NEC long-term signatures) created using the “NEC Plugin Long-Term Signature Option” of our old products SkyPDF Professional 2012 / 2016, which are still verified as normal, can have an archive timestamp added with this product. However, it is not possible to newly apply this long-term signature.
This product only supports the following formats of NEC long-term signatures.
CAdES-T | This format includes a basic signature and a timestamp for that signature value. It can be extended by adding CAdES-A. |
---|---|
CAdES-X Long | This adds verification information and reference information to the existing CAdES-T. Since it does not include an archive timestamp, the validity period is not extended. It can be extended by adding CAdES-A. |
CAdES-A | For existing CAdES-T, it extends the validity period by adding reference information to the verification information, verification information, and an archive timestamp. For existing CAdES-X Long and CAdES-A, it extends the validity period by adding an archive timestamp. The validity period can be extended each time an archive timestamp is added. |
The validity period of the NEC Long-Term Signature is extended each time CAdES-A (archive timestamp) is added.
It is not possible to extend it after the validity period of the timestamp has passed.
If you are aiming for long-term storage of PDFs, check the validity period of the TSA certificate from the [Timestamp Token Information] of the latest archive timestamp, and add CAdES-A regularly before the validity period expires.